Contracts SATP compatability #427
Conversation
nksazonov
force-pushed
the
feature/contracts-satp
branch
3 times, most recently
from
5bc8660
to
e378615
Compare
|
Trying to clarify what is need to be changed related to |
Yes, that's correct. In the current SATP suggests delegating that responsibility As an, imagine a 3-party channel between Alice, Irene and Bob. The current rules say that at any point in time, either Alice can force an update on chain or Bob can; it's not possible to allow both of them to force an update (which is useful in a channel when Alice and Bob are trading between themselves, as opposed to Alice always giving assets to Bob). Here's an example of how these kinds of rules might be written (replace |
|
The example you have sent is pretty clear, thanks. |
There was a problem hiding this comment.
Thanks for this @nksazonov! I'm still working through the changes but thought it was a good idea to share a couple of points early on :-)
| //SPDX-License-Identifier: MIT License | ||
| pragma solidity 0.7.4; | ||
|
|
||
| library ECRecovery { | ||
|
|
||
| /** | ||
| * @dev Recover signer address from a message by using his signature | ||
| * @param hash bytes32 message, the hash is the signed message. What is recovered is the signer address. | ||
| * @param v v part of a signature | ||
| * @param r r part of a signature | ||
| * @param s s part of a signature | ||
| */ | ||
| function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) { | ||
|
|
||
| // Version of signature should be 27 or 28, but 0 and 1 are also possible versions | ||
| if (v < 27) { | ||
| v += 27; | ||
| } | ||
|
|
||
| // If the version is correct return the signer address | ||
| if (v != 27 && v != 28) { | ||
| return (address(0)); | ||
| } else { | ||
| return ecrecover(hash, v, r, s); | ||
| } | ||
| } | ||
|
|
||
| } |
There was a problem hiding this comment.
This file is new, but doesn't appear to be used anywhere?
It looks to me like a wrapper for ecrecover which may add some extra safety. Is that right? Is there something equivalent in the openzeppelin library that we could use https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol ?
There was a problem hiding this comment.
Edit: I see that it is used inside ForceMove.sol (didn't spot it because GitHub hides large diffs!). Still I would like to understand the thinking behind introducing it.
There was a problem hiding this comment.
It is a wrapper for ecrecover indeed. The reason this file was introduced is inconsistency of returned v signature value in go-ethereum (as described here) and its difference with what pure ecrecover solidity function expects (i.e. v to be either 27 or 28).
We thought of using fault-proof OpenZeppelin analogy, but it has a lot of unnecessary tweaks and, more importantly, requires modification to support what we need. Thus it was simpler and clearer to make a library with the same modifications that should have been done to OpenZeppelin contract.
There was a problem hiding this comment.
I see. I wonder if it is better to fix this problem in the go-nitro client code, rather than on chain? That seems to be the advice from the go-ethereum team. What do you think?
There was a problem hiding this comment.
I agree. We will try to fix it from go-nitro client code ASAP.
| "types": ["node", "jest"], | ||
| "target": "es2018", | ||
| "module": "commonjs", | ||
| "strict": true, |
There was a problem hiding this comment.
Good to see "strict": true. Does tsc . work, or are there errors?
There was a problem hiding this comment.
tsc --project ./ from root folder produces
Errors Files
7 node_modules/@types/jest/index.d.ts:35
2 scripts/postdeploy.ts:6There was a problem hiding this comment.
Maybe outside the scope of this work, but it might be nice to get to zero errors. Also, we want to gitignore the resulting dist folder.
| await (await ForceMove.setStatus(getChannelId(twoPartyFixedPart), HashZero)).wait(); | ||
| }); | ||
| // FIX: even if dropping channel status before each test, turn nums from prev tests are saved and can cause reverts | ||
| it.each` | ||
| description | appData | outcome | turnNums | challenger | ||
| ${'challenge(0,1) accepted'} | ${[0, 0]} | ${[]} | ${[0, 1]} | ${1} | ||
| ${'challenge(1,2) accepted'} | ${[0, 0]} | ${[]} | ${[1, 2]} | ${0} | ||
| ${'challenge(1,2) accepted, MAX_OUTCOME_ITEMS'} | ${[0, 0]} | ${largeOutcome(MAX_OUTCOME_ITEMS)} | ${[1, 2]} | ${0} | ||
| ${'challenge(3,4) accepted, MAX_OUTCOME_ITEMS'} | ${[0, 1]} | ${largeOutcome(MAX_OUTCOME_ITEMS)} | ${[3, 4]} | ${0} |
There was a problem hiding this comment.
I'd like to understand this a little better. What's going wrong?
There was a problem hiding this comment.
The last test fails due to transaction revert with reason turnNumRecord not increased, which corresponds to CountingApp.sol. Both changing turnNums to [3, 4] and removing middle test help to avoid this revert. Unfortunately, I was not able to debug CountingApp.sol (via console.log) behavior with this tests because ganache is created dynamically and even setting env args to enable logging does not help.
| /** | ||
| * @dev The IForceMoveApp interface calls for its children to implement an application-specific validTransition function, defining the state machine of a ForceMove state channel DApp. | ||
| */ | ||
| interface IForceMoveApp { | ||
| struct VariablePart { | ||
| bytes outcome; | ||
| bytes appData; | ||
| } |
There was a problem hiding this comment.
@nksazonov This struct needs updating, too, I think?
There was a problem hiding this comment.
Yeah, I've also realized it needs updating to support latestSupportedState.
|
@nksazonov thanks a lot for all these contributions! We would like to propose the following workflow:
How does this sound to you? Please let me know your thoughts. |
|
There is also another thing I would like to resolve before merging!
|
Yes, this is the reason. Deleting ours should solve the problem. |
Contracts changes:
TODO: